MDKSA-2005:154 - Updated python packages fix integer overflow vulnerability
2005-08-26, Mandriva Security Team (security mandriva com)

XSS security hole in phpwebnotes.
2005-08-27, nf2 (nf2 scheinwelt at)
Hi security team! I have found a security hole in a popular php application (not maintained anymore). The hole already gets exploited - our server was hacked that way two days ago. Probably hackers just use google to find installations of phpwebnotes. Version: phpWebNotes-2.0.0-pr1.tar.gz (last)

Re: Tool for Identifying Rogue Linksys Routers
2005-08-27, Volker Tanger (vtlists wyae de)
Hi Group! On Fri, 26 Aug 2005 09:32:31 -0500 Graham Wilson <graham (at) mknod (dot) org [email concealed]> wrote:
> > > Is there a scanning tool out there that can determine if there are
> > unauthorized Linksys (type) routers in a specific VLAN?
I assume you have not port-locked your switches? Many managed Layer-2 switches c

Looking Glass v20040427 arbitrary commands execution / cross site scripting
2005-08-27, retrogod aliceposta it
9.05 27/08/2005 Looking Glass v20040427 arbitrary commands execution / cross site scripting
description: Looking Glass is a pretty extensive web based network querying tool for use on php enabled servers.
site: http://de-neef.net/articles.php?id=2&page=1
download page: http://de-neef.net/downl

Sophos Antivirus Library Remote Heap Overflow
2005-08-26, list rem0te com
Date: August 26, 2005
Vulnerability: The Sophos Antivirus Library provides file format support for virus analysis. During analysis of Visio files Sophos is vulnerable to a heap overflow allowing attackers complete control of the system(s) being protected. This vulnerability can be exploited remotely

DMA[2005-0826a] - 'Nokia Affix Bluetooth btsrv poor use of popen()'
2005-08-26, KF (lists) (kf_lists digitalmunition com)

Simple PHP Blog File Upload and User Credentials Exposure Vulnerabilities
2005-08-26, Scott Dewey (wr0ck xorcrew net)

[SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution
2005-08-26, joey infodrom org (Martin Schulze)

MDKSA-2005:151 - Updated pcre packages fix integer overflow vulnerability
2005-08-25, Mandriva Security Team (security mandriva com)

[ GLSA 200508-18 ] PhpWiki: Arbitrary command execution through XML-RPC
2005-08-26, Thierry Carrez (koon gentoo org)

Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities
2005-08-26, Cedric Cochin (cedric cochin gmail com)
Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities
########################################################################
Summary : A large majority of PHP Images Gallery Technologies now handle the Exchangeable Image File (EXIF) header of jpeg files. The Exchangeable I

MDKSA-2005:150 - Updated bluez-utils packages fix vulnerability
2005-08-25, Mandriva Security Team (security mandriva com)

[security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access
2005-08-26, Boren, Rich (HP SSRT) (rich boren hp com)

AWstats Path Disclosure Vulnerability
2005-08-26, fournaux khmerdev com
Good morning all. "AWStats is a free powerful and featureful tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages." Once yo

RE: Tool for Identifying Rogue Linksys Routers
2005-08-25, Matt Mercer (MattM pyramidcorporation com)
Hi Martin,
>We are migrating from Lucent QIP to MetaIP for DHCP services and so
>far we have had two issues when MetaIP has been implemented for VLAN
>that has an unauthorized Linksys router giving out IP addresses.
If you have an IDS such as Snort configured on your network, it would be fairly s

MDKSA-2005:152 - Updated php packages fix integer overflow vulnerability
2005-08-25, Mandriva Security Team (security mandriva com)

[SECURITY] [DSA 787-1] New backup-manager package fixes several vulnerabilities
2005-08-26, joey infodrom org (Martin Schulze)

22nd Chaos Communication Congress 2005: Call for Papers
2005-08-26, fukami (fukami berlin ccc de)
Call for Papers 22C3 - Private Investigations
22nd Chaos Communication Congress
December 27th to 30th, 2005, Berlin, Germany
http://www.ccc.de/congress/2005/
Overview
========
The 22nd Chaos Communication Congress (22C3) is a four-day conference on technology, society and utopia. The Congress o

RE: Tool for Identifying Rogue Linksys Routers
2005-08-25, Thomas Guyot-Sionnest (Thomas zango com)
The right way to fix that is to implement switch-level security. Limit the number of MAC and IP addresses on each port. No workstation should ever have more than one MAC and IP address...
If you don't have the budget for that kind of switch, I'd first try to identify open ports and try to recognize

[USN-174-1] courier vulnerability
2005-08-26, Martin Pitt (martin pitt canonical com)
===========================================================
Ubuntu Security Notice USN-174-1 August 26, 2005
courier vulnerability
CAN-2005-2151
===========================================================
A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The

MDKSA-2005:149 - Updated lm_sensors packages fix temporary file vulnerability
2005-08-25, Mandriva Security Team (security mandriva com)
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: python
Advisory ID: